Method for verifying the authenticity of a product

ABSTRACT

In order to verify the authenticity of a product associated with a host device, the product contains, in segments of a non-volatile memory, several different functions stored in ciphered fashion. The host device sends a control signal for selecting and activating one of those ciphered functions. The product then deciphers and executes the function. The result of the function execution is then communicated back to host device when a decision on product authenticity is made.

PRIORITY

This application claims the priority benefit of French PatentApplication number 1355728, filed on Jun. 18, 2013, the contents ofwhich is hereby incorporated by reference in its entirety to the maximumcontent allowable by law.

TECHNICAL FIELD

The present disclosure generally relates to electronic circuits and,more specifically, to a method for verifying the authenticity or theorigin of a product (an accessory or a consumable) intended to cooperatewith a device.

BACKGROUND

In many fields, it is desired to guarantee that a product, for example,an ink cartridge, a battery, an accessory, etc., to be used in a device,is an original or authentic product, that is, a product approved by thedevice manufacturer. To achieve this, an authentication key is generallystored in an electronic circuit associated with this product and isused, when the product is installed in the device or when it shouldcooperate therewith, to verify that the product is authentic.

However, if the secret can be discovered and a manufacturercommercializes products which are not approved by the devicemanufacturer, but are however equipped with circuits having the rightkey, the devices will consider these products as authentic.

SUMMARY

An embodiment aims at a technique for verifying the authenticity of aproduct, which overcomes all or part of the disadvantages of existingsolutions.

Another embodiment aims at a solution which enables to block the use ofbatches of non-authentic products without for all this preventing theuse of authentic products of same generation.

To achieve all or part of these and other objects, the presentdisclosure provides a method for verifying the authenticity of a productassociated with a host device, wherein the product contains, in segmentsof a non-volatile memory, several different functions stored in cipheredfashion, comprising the following successive steps: the host devicesends a control signal for activating one of said functions; the productdeciphers said function; the product executes the deciphered function;and the product sends a result of this execution to the host device.

According to an embodiment, a key for deciphering the segment containingthe function is contained in the activation control signal sent by thehost device.

According to an embodiment, the host device verifies the result toauthenticate the product.

According to an embodiment, the deciphered function is stored in avolatile memory only.

According to an embodiment, the method is implemented once per product.

According to an embodiment, the method is implemented on each use of theproduct by the device.

According to an embodiment, the host device contains one functionidentifier only.

According to an embodiment, said segments are stored on manufacturing ofthe product.

According to an embodiment, different versions of devices activatedifferent functions of a same type of products.

According to an embodiment, a system comprising at least one host deviceand at least one product associated with this host device, adapted tothe above method, is also provided.

According to an embodiment, the devices are printers and the productsare ink cartridges.

The foregoing and other features and advantages will be discussed indetail in the following non-limiting description of specific embodimentsin connection with the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 very schematically shows in the form of blocks an example of asystem of the type to which the present disclosure applies as anexample;

FIG. 2 illustrates an example of storage on the side of the product tobe authenticated;

FIG. 3 very schematically illustrates an embodiment of the method ofauthentication of a product by a device; and

FIG. 4 illustrates, in the form of blocks, an example of stepsimplemented by a product.

DETAILED DESCRIPTION OF THE DRAWINGS

The same elements have been designated with the same reference numeralsin the different drawings. For clarity, only those steps and elementswhich are useful to the understanding of the embodiments which will bedescribed have been shown and will be detailed. In particular, thecryptographic ciphering and deciphering processes capable of being usedin data exchanges between a device and its accessories or consumableshave not been detailed, the described embodiments being compatible withusual processes.

FIG. 1 very schematically shows, in the form of blocks, an example of asystem of the type to which the embodiments which will be describedapply.

A host device 1 is capable of receiving or of operating with one orseveral products 2, accessories (ACC), or consumables (CONS).

As a specific example of application, the host device is a printer andthe product (consumable) is an ink cartridge. According to anotherexample, it is an electronic system (for example, a game console, a cellphone, etc.) using accessories (for example, game pads, earphones, ahull, a case, etc.). More generally, it may be any type of system basedon the cooperation between a main device and one or several accessoriesor consumables.

Although reference will be made hereafter to the example of a printerand of its ink cartridges, all that will be described transposes, unlessotherwise mentioned, to the other systems.

Printer manufacturers are generally looking for a protection against theuse of counterfeit or non-authentic cartridges in order, among otherthings, to guarantee the quality and the reliability of the originalcartridges with respect to copies or “clones” for their users. Anotherobject is to avoid possible counterfeiting. Reference will be madehereafter to copies to designate non-authentic products, be they slavishimitations or more generally similar products capable of being used toreplace authentic products.

The protection generally comprises a mechanism of authentication of anew cartridge introduced into the printer, or even an authentication oneach powering-on of the printer, on each leaving of the stand-by mode,or on each printing (on each use of the product). The printer and eachcartridge are equipped with an electronic circuit adapted to such anauthentication, for example, a cryptographic processor or a programexecuted by a generic processor. Keys are present on the printer sideand on the cartridge side.

For example, as illustrated in FIG. 1, printer 1 comprises amicrocontroller-type circuit 12 (μC) capable of communicating over oneor several address, control, and data buses 13, with one or severalmemories 14, one or several peripherals 15 (PER), for example, thevarious circuits of the printer, and one or several input-outputcircuits 16 (E/S), among which a device capable of communicating withcartridges 2.

An ink cartridge 2 comprises at least one secure circuit 22 for example,of microcontroller type, comprising the same type of components (notshown): a processor, volatile and non-volatile memories, an input-outputinterface towards a bus of communication with the printer, etc.

Generally, at the manufacturing, an authentication key formed of a dataword is stored in a secure memory of circuit 22. When the cartridge ispaired up with the printer, the latter starts an authenticationprocedure based on this key. To be recognized, all cartridges compatiblewith a given printer should have a key enabling to authenticate itselfwith this printer, possibly originating from a key derivation mechanism.

Such a mechanism becomes inefficient if the key of a series ofcartridges is discovered. In such a case, copies are capable of beingmanufactured with an authentication method using the right key and theprinter will be unable to discriminate them from the originalcartridges.

A current solution for printer manufacturers is to change the printermodel to change the cartridge type. Indeed, it cannot be envisaged toprogram a new key in a new batch of printers and to change the cartridgekey, since printers already in circulation could then no longer operatewith the new cartridges.

Actually, it becomes impossible to revoke a key shared between a printerand a cartridge type, the only solution being to forbid printers alreadyin circulation to use the new cartridges. This would then force theseprinters to only use copies, which is precisely what is desired to beavoided.

According to the present disclosure, it is provided to store in cipheredfashion, in a memory of the circuit associated with the cartridges,several segments of one or several instructions capable of being used bya processor of the cartridge, each segment being ciphered with adifferent key. The stored instructions are selected to execute adifferent function from one segment or sub-program to another. Further,the storage is made in the form of opcodes and of operands directlyinterpretable by the cartridge processor. The keys for encrypting thesegments are unknown by the cartridge. They are not stored therein.

FIG. 2 illustrates an embodiment of such a method. A memory 23 of securecircuit 22 of a cartridge comprises several instruction segments 231(CSEG1, CSEG2, . . . , CSEGn). Each segment contains at least one opcodeand, possibly, all or part of the arguments (operands) of the functionto be executed. Each segment may contain several opcodes according tothe function that it represents. Certain opcodes may be present indifferent segments (for example, data reading), provided for the segmentfunction to be different.

FIG. 3 illustrates an embodiment of the method for verifying theauthenticity of a cartridge.

On introduction of a new cartridge (PRODUCT), the printer (HOST) detectsit and sends an activation control signal to the cartridge (ACT). Thecontrol signal contains an identifier of a segment 231 (SEGi) to bedecoded as well as the corresponding deciphering key (KEYi). Accordingto the mode of ciphering of the used exchanges, part of the key may becontained in the cartridge, or a key for ciphering the exchanges iscontained in the cartridge and is used for the transfer of decipheringkey KEYi of the segment.

The cartridge (its microprocessor) uses the key transmitted by theprinter to decipher the identified segment. Then, the codes of thissegment are stored in non-ciphered fashion (STORE UNCIPHERED OPCODES) ina memory (25, FIG. 2) or in an area of memory 23, accessible byprocessor 26 (PROC) of circuit 22, so that function FCTi contained inthe deciphered segment can be executed (EXEC FCTi).

Once the function has been executed by the microprocessor, one orseveral results (RESULT) are sent by the cartridge to the printer toverify the authenticity.

The printer then verifies whether the result is in accordance with whatit expects and determines whether the cartridge is authentic or not(OK/NOK). The procedure in the case of a non-authentic cartridge isusual (printer blocking, error message, etc.).

FIG. 4 illustrates, in the form of blocks, an example of stepsimplemented by a cartridge during the authentication process.

The cartridge starts by receiving (block 41, RECEIVE ACT) an activationcontrol signal sent by the printer.

As indicated hereabove, the electronic circuit of the cartridgedeciphers (block 42, DECIPHER(CSEGi)) the memory segment correspondingto the identifier sent by the printer. This identifier is, for example,the beginning address of the segment in memory 23 or the address rangeof the segment in this memory. As a variation, the cartridge contains alook-up table linking the identifiers (for example, numbers) of thesegments to their addresses in memory 23.

Function FCTi contained in the segment is, once deciphered, stored innon-ciphered fashion (block 43, STORE FCTi), for example, in memory 25.Memory 25 is not necessarily a non-volatile memory. It may indeed beprovided for the function not to be a permanent function added for thenew printer version, but only a function used to verify the authenticityon installing of the cartridge or on each initialization (starting orleaving of the printer stand-by mode). In this case, it is not necessaryto store the function in a non-volatile memory, the printer sending anactivation control signal causing the deciphering of segment CSEGi everytime. An advantage of only storing FCTi in a volatile memory is thatthis further complicate the pirate's task.

Once the function has been deciphered, it is executed (block 44, EXECFCTi(D)) by the cartridge circuit. According to the nature of thefunction, said function uses or not an operand D provided by theprinter. The nature of the function may be purely for control purposes(arithmetic operation, for example) or to exploit information of thecartridge or of the printer. FIG. 4 illustrates three arbitrary examplesof functions having their respective results expected by printerssending the corresponding activation control signals: a first functionFCT1 sum up two data D1 and D2 (block 451, ADD(D1, D2)), data D1 and D2being for example, for one of them, contained in the activation controlsignal and, for the other, contained in segment CSEG1; a second functionFCT2 multiplies two data D1 and D2 (block 452, MULT(D1, D2)); an n-thfunction FCTn checks the cartridge ink level (block 45 n, CHECK LEVEL).The cartridge sends the result of the function to the printer (block 46,SEND RESULT), which validates or invalidates this result and allows ornot the operation. Whatever the function, the printer knows either theresult of an operation that it expects, or the nature of the informationto be communicated thereto by the cartridge.

According to a first aspect, the activation control signal is sent eachtime an authentication is needed. It can be considered that theactivation control signal includes the execution control signal. Thesegment is then deciphered each time it should be used. In this case, astorage in a non-volatile memory of the deciphered segment is notnecessary since the corresponding function is only used once on eachdeciphering.

According to a second aspect, the function is, in a first phase,deciphered at the cartridge installation (once per product) and is thenstored in non-ciphered fashion in the non-volatile memory of thecartridge. The printer may, in a second phase, implement anauthentication procedure, for example, on each leaving of the stand-bymode or on each printing, by sending a control signal for executing thefunction (possibly, with different arguments from one time to theother).

According to an alternative embodiment, the segments also contain a keycapable of being used by the cartridge to then cipher its exchanges withthe printer. Such a ciphering is usual per se.

On design of a cartridge type, the printer manufacturer selects a numbern of functions FCT to be integrated in ciphered fashion in the cartridgememory. The higher this number, the more it then has the possibility ofblocking successive versions of non-authentic cartridges, but the morespace this takes in the non-volatile memory of the cartridge. Indeed,the cartridge contains all the ciphered segments as soon as it iscreated.

Then, for each printer version compatible with this type of cartridge,the manufacturer has the choice of the function to be activated.Preferably, a given printer only has in memory a control signal foractivating a given segment CSEGi. As a variation, the identifier of thenew segment may be communicated thereto during a software update.

If the printer manufacturer desires, for a new printer version, torevoke a key used by cartridges currently in circulation, the parametersthis new printer version so that it activates a new segment on thecartridges. All authentic cartridges will keep on operating and beingcompatible with the new version.

However, even if a manufacturer of non-authentic cartridges succeeds inreproducing the key of one of the segments on his own cartridges from apiracy of cartridges in circulation, this will only enable the copies tooperate on printers of the version using the corresponding function.Copies will not function on the new printer version, which uses anothersegment. Thus, non-authentic cartridges, adapted to the first series,will only be adapted to the first printer version. This considerablycomplicates the task of the pirate manufacturer.

Thus, a manufacturer which finds out the existence of copies mayparameterize the new printers so that they activate a different segmentof cartridges in circulation. The new printer versions, while beingcompatible with the same type of cartridges, will wait for a differentresult of the authentication procedure. Accordingly,already-manufactured non-authentic cartridges will not work with newprinters.

Further, the provided mechanism is compatible with an optional update ofprinters already in circulation, for example, during softwaremodifications. Thus, for printers capable of being updated, for example,from an internet connection via a computer or directly, the manufacturercan cause the segment change.

Assuming that the memory of the authentication circuit of a cartridge istotally pirated, all the ciphered segments are then present innon-authentic circuits. The segments may even be decoded since the keyreceived by the printer will be usable by the copy. However, chances areslight for the program, once decoded, to operate and execute thefunction having its result expected by the printer. Indeed,non-authentic circuits reproduce the mechanisms of protected exchangewith the printer by pirating the encryption algorithms and the keys.However, they do not use the same processor cores as the originalproducts. Accordingly, the deciphered functions will be impossible toexecute on the processor of the non-authentic circuit.

Exchanges between the printer and the cartridge may be secured in usualfashion (for example, a symmetrical or asymmetrical ciphering based onkeys contained in the cartridge and in the printer, provided for thesekeys to be different in the ciphering keys of segments 231). However,even with the deciphering key of a segment, a non-authentic cartridgewill not operate, unless it has exactly the same microcontroller andexploitation system, which strongly limits risks.

Various embodiments have been described, various alterations andmodifications will occur to those skilled in the art. In particular, theselection of the number of segments to be stored in the products(accessories or consumables) depends on the application and on thesecurity level desired in terms of possible depth of change. Further,the selection of the authentication mechanisms also depends on theapplication. Further, the practical implementation of the describedembodiments is within the abilities of those skilled in the art based onthe functional indications given hereabove and by using encryption andprogramming tools usual per se.

Such alterations, modifications, and improvements are intended to bepart of this disclosure, and are intended to be within the spirit andthe scope of the present invention. Accordingly, the foregoingdescription is by way of example only and is not intended to belimiting. The present invention is limited only as defined in thefollowing claims and the equivalents thereto.

What is claimed is:
 1. A method for verifying the authenticity of aproduct connected to and to be used with a host device, wherein theproduct contains, stored in a non-volatile memory, cryptographicallyciphered instruction segments, wherein the cryptographically cipheredinstruction segments include at least one opcode, the method comprising:receiving, in a secure circuit of the product, from the host device, acontrol signal requesting an authenticity verification, the controlsignal including a key, wherein the cryptographically cipheredinstruction segments are stored in the product prior to the productreceiving the control signal; cryptographically deciphering, with aprocessor in the secure circuit of the product, at least one of thecryptographically ciphered instruction segments based on the key of thecontrol signal to produce at least one deciphered opcode; executing,with the processor in the secure circuit of the product, a functiondefined at least in part by the at least one deciphered opcode toproduce a result; and sending, to the host device, the result forauthenticity verification.
 2. The method of claim 1, further comprisingverifying by the host device of the result to authenticate the product.3. The method of claim 1, further comprising storing the at least onedeciphered opcode for the function in a volatile memory only.
 4. Themethod of claim 1, wherein cryptographically deciphering, executing andsending are implemented once per product.
 5. The method of claim 1,wherein cryptographically deciphering, executing and sending areimplemented on each use of the product by the device.
 6. The method ofclaim 1, wherein the host device contains one function identifier only.7. The method of claim 1, wherein said cryptographically cipheredinstruction segments are stored on manufacturing of the product.
 8. Themethod of claim 1, wherein different versions of host devices activatedifferent functions of a same type of product.
 9. A system, comprising:at least one host device; and at least one product associated with theat least one host device, the at least one product storing a pluralityof cryptographically ciphered instruction segments, wherein thecryptographically ciphered instruction segments include at least oneopcode associated with a function; wherein the host device is configuredto send a control signal for activating the function of the product, thecontrol signal including a key; and wherein the product is configuredto: receive the control signal, wherein the cryptographically cipheredinstruction segments are stored in the product prior to receipt of thecontrol signal; cryptographically decipher at least one of the pluralityof cryptographically ciphered instruction segments based on the keyusing a processor in the product to produce at least one decipheredopcode; execute the deciphered opcode to perform the function using theprocessor; and send a result from the execution of the function to thehost device for authentication.
 10. The system of claim 9, wherein thedevice is a printer and the product is an ink cartridge.
 11. A method,comprising: storing a plurality of cryptographically cipheredinstruction segments in a second device; subsequent to said storing,sending a control signal from a first device to the second device,wherein the control signal includes a cryptographic deciphering key;cryptographically deciphering, in the second device, the plurality ofcryptographically ciphered instruction segments based on thecryptographic deciphering key of the control signal to producedeciphered instruction segments; executing the deciphered instructionsegments in the second device to perform a function defined by anarithmetic operation performed on two of more data values which producesan authentication result; and sending the authentication result from thesecond device to the first device, said authentication result indicativeof whether the second device is an authentic device for use with thefirst device.
 12. The method of claim 11, wherein the arithmeticoperation adds the two data values.
 13. The method of claim 11, whereinthe arithmetic operation multiplies the two data values.
 14. The methodof claim 11, further comprising verifying the authentication result inthe first device with a calculated prediction based on the decipheringkey sent within the control signal.
 15. A method for verifying theauthenticity of a product connected to and to be used with a hostdevice, the method comprising: storing in a non-volatile memory of theproduct, cryptographically ciphered instruction segments, wherein thecryptographically ciphered instruction segments include at least oneopcode and a first operand data; subsequent to said storing, receiving,in a secure circuit of the product, from the host device, a controlsignal requesting an authenticity verification, the control signalincluding a key and a second operand data; cryptographicallydeciphering, with a processor in the secure circuit of the product, atleast one of the cryptographically ciphered instruction segments basedon the key of the control signal to produce at least one decipheredopcode and the first operand data; executing, with the processor in thesecure circuit of the product, an arithmetic function defined at leastin part by the at least one deciphered opcode operating on said firstand second operand data to produce a result; and sending, to the hostdevice, the result for authenticity verification.
 16. The method ofclaim 15, wherein the arithmetic function defined at least in part bythe at least one deciphered opcode adds the first and second operanddata.
 17. The method of claim 15, wherein the arithmetic functiondefined at least in part by the at least one deciphered opcodemultiplies the first and second operand data.
 18. The method of claim15, further comprising verifying by the host device of the result toauthenticate the product.
 19. The method of claim 15, further comprisingstoring the at least one deciphered opcode for the function in avolatile memory only.
 20. The method of claim 15, whereincryptographically deciphering, executing and sending are implementedonce per product.
 21. The method of claim 15, wherein cryptographicallydeciphering, executing and sending are implemented on each use of theproduct by the device.
 22. The method of claim 15, wherein the hostdevice contains one function identifier only.
 23. The method of claim15, wherein said cryptographically ciphered instruction segments arestored on manufacturing of the product.
 24. The method of claim 15,wherein different versions of host devices activate different functionsof a same type of product.
 25. A system, comprising: at least one hostdevice; and at least one product associated with the at least one hostdevice, the at least one product storing, at a time of manufacture ofthe product, a plurality of cryptographically ciphered instructionsegments, wherein the cryptographically ciphered instruction segmentsinclude at least one opcode and a first operand data associated with afunction; wherein the host device is configured to send a control signalfor activating the function of the product, the control signal includinga key and a second operand data; and wherein the product is configuredto: cryptographically decipher at least one of the plurality ofcryptographically ciphered instruction segments based on the key using aprocessor in the product to produce at least one deciphered opcode;execute the deciphered opcode to perform an arithmetic function on saidfirst and second operand data using the processor; and send a resultfrom the execution of the arithmetic function to the host device forauthentication.
 26. The system of claim 25, wherein the device is aprinter and the product is an ink cartridge.
 27. The system of claim 25,wherein the arithmetic function defined at least in part by the at leastone deciphered opcode adds the first and second operand data.
 28. Thesystem of claim 25, wherein the arithmetic function defined at least inpart by the at least one deciphered opcode multiplies the first andsecond operand data.